SSLC:RootCertChainAddDefaultCert

Revision as of 18:36, 9 December 2015 by Yellows8 (talk | contribs) (→‎CertIDs)

Request

Index Word Description
0 Header code [0x00060080]
1 SSL RootCertChain context handle
2 Cert ID

Response

Index Word Description
0 Header code
1 Result code
2 Cert context handle.

CertIDs

ID Cert parsing output Notes
0x0 and >=0xC Invalid certID, error 0xd8e0b839 is returned for these.
0x1
Certificate:
   Data:
       Version: 3 (0x2)
       Serial Number: 0 (0x0)
   Signature Algorithm: sha1WithRSAEncryption
       Issuer: C=US, ST=Washington, O=Nintendo of America Inc, OU=NOA, CN=Nintendo CA/emailAddress=ca@noa.nintendo.com
       Validity
           Not Before: Aug 10 07:02:22 2005 GMT
           Not After : Dec 28 12:00:00 2049 GMT
       Subject: C=US, ST=Washington, O=Nintendo of America Inc, OU=NOA, CN=Nintendo CA/emailAddress=ca@noa.nintendo.com
       Subject Public Key Info:
           Public Key Algorithm: rsaEncryption
               Public-Key: (1024 bit)
               Modulus:
                   00:b3:cd:79:97:77:5d:8a:af:86:a8:e8:d7:73:1c:
                   ...
               Exponent: 65537 (0x10001)
       X509v3 extensions:
           X509v3 Subject Key Identifier: 
               7B:57:53:3F:31:AC:77:71:F1:FD:4A:E6:0F:43:B0:D5:55:41:9F:D2
       ...
0x2
Certificate:
   Data:
       Version: 3 (0x2)
       Serial Number: 1 (0x1)
   Signature Algorithm: sha1WithRSAEncryption
       Issuer: C=US, ST=Washington, O=Nintendo of America Inc., OU=IS, CN=Nintendo CA - G2/emailAddress=ca@noa.nintendo.com
       Validity
           Not Before: Jun  4 17:39:49 2008 GMT
           Not After : Dec 28 12:00:00 2049 GMT
       Subject: C=US, ST=Washington, O=Nintendo of America Inc., OU=IS, CN=Nintendo CA - G2/emailAddress=ca@noa.nintendo.com
       Subject Public Key Info:
           Public Key Algorithm: rsaEncryption
               Public-Key: (2048 bit)
               Modulus:
                   00:9d:69:36:28:b4:83:62:5e:f4:b4:fe:40:ef:dc:
                   ...
               Exponent: 65537 (0x10001)
       X509v3 extensions:
           X509v3 Subject Key Identifier: 
               96:A7:A1:9F:81:5C:73:C9:64:10:83:7F:B6:1E:1E:87:B7:E1:33:11
       ...
0x3
Certificate:
   Data:
       Version: 3 (0x2)
       Serial Number: 1 (0x1)
   Signature Algorithm: sha256WithRSAEncryption
       Issuer: C=US, ST=Washington, O=Nintendo of America Inc., OU=IS, CN=Nintendo CA - G3
       Validity
           Not Before: Jan 28 17:16:11 2010 GMT
           Not After : Dec 28 12:00:00 2049 GMT
       Subject: C=US, ST=Washington, O=Nintendo of America Inc., OU=IS, CN=Nintendo CA - G3
       Subject Public Key Info:
           Public Key Algorithm: rsaEncryption
               Public-Key: (2048 bit)
               Modulus:
                   00:af:22:74:54:15:57:28:f6:6f:e1:ca:f4:a7:91:
                   ...
               Exponent: 65537 (0x10001)
       X509v3 extensions:
           X509v3 Subject Key Identifier: 
               04:D3:DE:D3:FD:F0:C8:EB:C2:59:92:87:FB:1F:D7:3E:72:F8:ED:F9
       ...
"NINTENDO_CA_G3"
0x4
Certificate:
   Data:
       Version: 3 (0x2)
       Serial Number: 1 (0x1)
   Signature Algorithm: sha1WithRSAEncryption
       Issuer: C=US, ST=Washington, O=Nintendo of America Inc., OU=NOA, CN=Nintendo Class 2 CA/emailAddress=ca@noa.nintendo.com
       Validity
           Not Before: Jun 15 19:34:33 2007 GMT
           Not After : Dec 28 12:00:00 2049 GMT
       Subject: C=US, ST=Washington, O=Nintendo of America Inc., OU=NOA, CN=Nintendo Class 2 CA/emailAddress=ca@noa.nintendo.com
       Subject Public Key Info:
           Public Key Algorithm: rsaEncryption
               Public-Key: (1024 bit)
               Modulus:
                   00:b4:a8:0f:e3:80:02:a7:ad:fb:59:9d:e1:92:9d:
                   ...
               Exponent: 65537 (0x10001)
       X509v3 extensions:
           X509v3 Subject Key Identifier: 
               CB:40:16:7C:B1:37:2B:26:5A:35:DE:BE:F1:5B:50:8A:8D:0C:D4:BD
       ...
0x5
Certificate:
   Data:
       Version: 3 (0x2)
       Serial Number: 1 (0x1)
   Signature Algorithm: sha1WithRSAEncryption
       Issuer: C=US, ST=Washington, O=Nintendo of America, Inc., OU=IS, CN=Nintendo Class 2 CA - G2/emailAddress=ca@noa.nintendo.com
       Validity
           Not Before: Apr 29 15:31:36 2010 GMT
           Not After : Dec 28 12:00:00 2049 GMT
       Subject: C=US, ST=Washington, O=Nintendo of America, Inc., OU=IS, CN=Nintendo Class 2 CA - G2/emailAddress=ca@noa.nintendo.com
       Subject Public Key Info:
           Public Key Algorithm: rsaEncryption
               Public-Key: (2048 bit)
               Modulus:
                   00:b6:0f:a0:4a:95:ec:ad:f7:75:09:7a:e5:aa:81:
                   ...
               Exponent: 65537 (0x10001)
       X509v3 extensions:
           X509v3 Subject Key Identifier: 
               94:72:FA:4D:B3:DA:66:4A:B9:37:7B:AD:64:9E:9C:89:90:DA:D3:33
       ...
0x6
Certificate:
   Data:
       Version: 3 (0x2)
       Serial Number: 1 (0x1)
   Signature Algorithm: sha256WithRSAEncryption
       Issuer: C=US, ST=Washington, O=Nintendo of America, Inc., OU=IS, CN=Nintendo Class 2 CA - G3/emailAddress=ca@noa.nintendo.com
       Validity
           Not Before: Apr 29 15:59:18 2010 GMT
           Not After : Dec 28 12:00:00 2049 GMT
       Subject: C=US, ST=Washington, O=Nintendo of America, Inc., OU=IS, CN=Nintendo Class 2 CA - G3/emailAddress=ca@noa.nintendo.com
       Subject Public Key Info:
           Public Key Algorithm: rsaEncryption
               Public-Key: (2048 bit)
               Modulus:
                   00:d1:d0:99:4b:b9:36:9b:88:a5:15:79:a5:b5:ce:
                   ...
               Exponent: 65537 (0x10001)
       X509v3 extensions:
           X509v3 Subject Key Identifier: 
               F7:C6:0A:7C:72:7C:2C:C4:BC:93:28:41:E4:EE:70:F0:03:A0:BB:B7
       ...
"NINTENDO_CLASS2_CA_G3"
0x7
Certificate:
   Data:
       Version: 1 (0x0)
       Serial Number: 421 (0x1a5)
   Signature Algorithm: md5WithRSAEncryption
       Issuer: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
       Validity
           Not Before: Aug 13 00:29:00 1998 GMT
           Not After : Aug 13 23:59:00 2018 GMT
       Subject: C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
       Subject Public Key Info:
           Public Key Algorithm: rsaEncryption
               Public-Key: (1024 bit)
               Modulus:
                   00:95:0f:a0:b6:f0:50:9c:e8:7a:c7:88:cd:dd:17:
                   0e:2e:b0:94:d0:1b:3d:0e:f6:94:c0:8a:94:c7:06:
                   c8:90:97:c8:b8:64:1a:7a:7e:6c:3c:53:e1:37:28:
                   73:60:7f:b2:97:53:07:9f:53:f9:6d:58:94:d2:af:
                   8d:6d:88:67:80:e6:ed:b2:95:cf:72:31:ca:a5:1c:
                   72:ba:5c:02:e7:64:42:e7:f9:a9:2c:d6:3a:0d:ac:
                   8d:42:aa:24:01:39:e6:9c:3f:01:85:57:0d:58:87:
                   45:f8:d3:85:aa:93:69:26:85:70:48:80:3f:12:15:
                   c7:79:b4:1f:05:2f:3b:62:99
               Exponent: 65537 (0x10001)
   Signature Algorithm: md5WithRSAEncryption
        6d:eb:1b:09:e9:5e:d9:51:db:67:22:61:a4:2a:3c:48:77:e3:
        ...
0x8
Certificate:
   Data:
       Version: 3 (0x2)
       Serial Number: 1 (0x1)
   Signature Algorithm: sha1WithRSAEncryption
       Issuer: C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
       Validity
           Not Before: May 30 10:48:38 2000 GMT
           Not After : May 30 10:48:38 2020 GMT
       Subject: C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
       Subject Public Key Info:
           Public Key Algorithm: rsaEncryption
               Public-Key: (2048 bit)
               Modulus:
                   00:b7:f7:1a:33:e6:f2:00:04:2d:39:e0:4e:5b:ed:
                   ...
               Exponent: 65537 (0x10001)
       X509v3 extensions:
           X509v3 Subject Key Identifier: 
               AD:BD:98:7A:34:B4:26:F7:FA:C4:26:54:EF:03:BD:E0:24:CB:54:1A
           X509v3 Key Usage: 
               Certificate Sign, CRL Sign
           X509v3 Basic Constraints: critical
               CA:TRUE
           X509v3 Authority Key Identifier: 
               keyid:AD:BD:98:7A:34:B4:26:F7:FA:C4:26:54:EF:03:BD:E0:24:CB:54:1A
               DirName:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
               serial:01
 
   Signature Algorithm: sha1WithRSAEncryption
        b0:9b:e0:85:25:c2:d6:23:e2:0f:96:06:92:9d:41:98:9c:d9:
        ...
0x9
Certificate:
   Data:
       Version: 3 (0x2)
       Serial Number:
           4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
   Signature Algorithm: sha384WithRSAEncryption
       Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
       Validity
           Not Before: Jan 19 00:00:00 2010 GMT
           Not After : Jan 18 23:59:59 2038 GMT
       Subject: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
       Subject Public Key Info:
           Public Key Algorithm: rsaEncryption
               Public-Key: (4096 bit)
               Modulus:
                   00:91:e8:54:92:d2:0a:56:b1:ac:0d:24:dd:c5:cf:
                   ...
               Exponent: 65537 (0x10001)
       X509v3 extensions:
           X509v3 Subject Key Identifier: 
               BB:AF:7E:02:3D:FA:A6:F1:3C:84:8E:AD:EE:38:98:EC:D9:32:32:D4
           X509v3 Key Usage: critical
               Certificate Sign, CRL Sign
           X509v3 Basic Constraints: critical
               CA:TRUE
   Signature Algorithm: sha384WithRSAEncryption
        0a:f1:d5:46:84:b7:ae:51:bb:6c:b2:4d:41:14:00:93:4c:9c:
        ...
0xA
Certificate:
   Data:
       Version: 3 (0x2)
       Serial Number:
           01:fd:6d:30:fc:a3:ca:51:a8:1b:bc:64:0e:35:03:2d
   Signature Algorithm: sha384WithRSAEncryption
       Issuer: C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
       Validity
           Not Before: Feb  1 00:00:00 2010 GMT
           Not After : Jan 18 23:59:59 2038 GMT
       Subject: C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
       Subject Public Key Info:
           Public Key Algorithm: rsaEncryption
               Public-Key: (4096 bit)
               Modulus:
                   00:80:12:65:17:36:0e:c3:db:08:b3:d0:ac:57:0d:
                   ...
               Exponent: 65537 (0x10001)
       X509v3 extensions:
           X509v3 Subject Key Identifier: 
               53:79:BF:5A:AA:2B:4A:CF:54:80:E1:D8:9B:C0:9D:F2:B2:03:66:CB
           X509v3 Key Usage: critical
               Certificate Sign, CRL Sign
           X509v3 Basic Constraints: critical
               CA:TRUE
   Signature Algorithm: sha384WithRSAEncryption
        5c:d4:7c:0d:cf:f7:01:7d:41:99:65:0c:73:c5:52:9f:cb:f8:
        ...
0xB
Certificate:
   Data:
       Version: 3 (0x2)
       Serial Number:
           02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
   Signature Algorithm: sha1WithRSAEncryption
       Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
       Validity
           Not Before: Nov 10 00:00:00 2006 GMT
           Not After : Nov 10 00:00:00 2031 GMT
       Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
       Subject Public Key Info:
           Public Key Algorithm: rsaEncryption
               Public-Key: (2048 bit)
               Modulus:
                   00:c6:cc:e5:73:e6:fb:d4:bb:e5:2d:2d:32:a6:df:
                   ...
               Exponent: 65537 (0x10001)
       X509v3 extensions:
           X509v3 Key Usage: critical
               Digital Signature, Certificate Sign, CRL Sign
           X509v3 Basic Constraints: critical
               CA:TRUE
           X509v3 Subject Key Identifier: 
               B1:3E:C3:69:03:F8:BF:47:01:D4:98:26:1A:08:02:EF:63:64:2B:C3
           X509v3 Authority Key Identifier: 
               keyid:B1:3E:C3:69:03:F8:BF:47:01:D4:98:26:1A:08:02:EF:63:64:2B:C3
   Signature Algorithm: sha1WithRSAEncryption
        1c:1a:06:97:dc:d7:9c:9f:3c:88:66:06:08:57:21:db:21:47:
        ...

Description

This adds the specified builtin root CA to the specified root-CA chain. When it's not already loaded, the DER cert is loaded from SSL module .data. Otherwise, already-loaded cert data is used for adding to the RootCertChain.